HttpPost忽略证书请求https

在请求 https 时,会遇到证书有一些问题的情况,所以在发送请求的时候需要忽略证书验证。

(使用的主要jar包括httpclient-4.5.1.jar和httpcore-4.4.3.jar)

/**
     * 控制设备
     * @return
     */
    public String controlDevice() {
    	final String queryDevicesUrl="https://xxx.com:10000/dnaproxy/v1/device/control";

    	CloseableHttpClient client = HttpClients.createDefault();
    	client = (CloseableHttpClient)wrapClient(client);  
        HttpPost post = new HttpPost(queryDevicesUrl);
        
        Long timestamp=System.currentTimeMillis();
        
        Map params=new HashMap();
        params.put("license", LICENSE);
        params.put("did", "00000000000000000000b4430ddbcd0e");
        params.put("pid", "000000000000000000000000384f0000");
        params.put("tpid", "20280");
        params.put("subdevdid", "");
        params.put("subdevpid", "");
        params.put("act", "set");
        params.put("srv", "");
        List list=new ArrayList();
        list.add("pwr");
        params.put("params", list);
        List< List< Map< String,Integer>>> l1=new ArrayList< List< Map< String,Integer>>>();
        List< Map< String,Integer>> l2=new ArrayList< Map< String,Integer>>();
        Map map=new HashMap();
        map.put("idx", 1);
        map.put("val", 0);
        l2.add(map);
        l1.add(l2);
        
        params.put("vals", l1);
        
        String postData=new Gson().toJson(params);       
        
    //  post.setHeader("Content-Type", "application/json");
        post.addHeader("timestamp", timestamp.toString());
        post.addHeader("signature", DigestUtils.shaHex(postData+timestamp+LICENSE));
        post.addHeader("userid", USERID);
        post.addHeader("accesskey", ACCESSKEY);
        
        
        String result = "";
        
        try {
            StringEntity s = new StringEntity(postData);
          //  s.setContentEncoding(new BasicHeader(HTTP.CONTENT_TYPE,"application/json"));
            post.setEntity(s);
            
            // 发送请求
            CloseableHttpResponse httpResponse = client.execute(post);
            
            if (httpResponse.getStatusLine().getStatusCode() == HttpStatus.SC_OK) {
            	System.out.println("请求服务器成功");
            	result=EntityUtils.toString(httpResponse.getEntity(),"utf-8");
            	httpResponse.close();
                System.out.println("结果:\n"+result);
            } else {
                System.out.println("请求服务端失败");
                httpResponse.close();
            }
        } catch (Exception e) {
            System.out.println("请求异常");
            e.printStackTrace();
        }

        return result;
    }
	
	/**
	 * 避免HttpClient的”SSLPeerUnverifiedException: peer not authenticated”异常
	 * 不用导入SSL证书
	 * @param base
	 * @return
	 */
	public static HttpClient wrapClient(HttpClient base) {
		try {
			SSLContext ctx = SSLContext.getInstance("TLS");
			X509TrustManager tm = new X509TrustManager() {
				public X509Certificate[] getAcceptedIssuers() {
					return null;
				}

				public void checkClientTrusted(X509Certificate[] arg0,
						String arg1) throws CertificateException {
				}

				public void checkServerTrusted(X509Certificate[] arg0,
						String arg1) throws CertificateException {
				}
			};
			ctx.init(null, new TrustManager[] { tm }, null);
			SSLConnectionSocketFactory ssf = new SSLConnectionSocketFactory(ctx,NoopHostnameVerifier.INSTANCE);
			CloseableHttpClient httpclient = HttpClients.custom().setSSLSocketFactory(ssf).build();
			return httpclient;
		} catch (Exception ex) {
			ex.printStackTrace();
			return HttpClients.createDefault();
		}
	}

说明:其中wrapClient方法就是创建一个不进行正式验证的请求客户端对象。

参考文档:

1.http://www.th7.cn/Program/Java/201402/173791.shtml Https请求基本过程介绍;

2.http://blog.csdn.NET/kobejayandy/article/details/44284765 老版本Https请求的常见实现;

3.http://hc.apache.org/httpcomponents-client-ga/httpclient/apidocs/org/apache/http/impl/client/CloseableHttpClient.html  Https请求使用类的最新官方API说明。

展开阅读全文